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AMENDMENTS TO THE CLAIMS: 

This listing of the claims will replace all prior versions, and listings, of the claims in this 
application and is submitted herewith per 37 C.F.R. §1.121. 

Claims 1-20, 24, 27, 28, 42 and 43 were previously cancelled without prejudice or disclaimer. 
Claims 37-39 and 44 are canceled herein. 

Listing of Claims: 

1-20. (Cancelled) 

21 . (Currently Amended) A computer-implemented method comprising: 

managing a storage area network (SAN) with at least a SAN Management server and 
a SAN Management client, said SAN Management client running a trusted operating system 
and having a communication path to a Fibre Channel adapter, said Fibre Channel adapter 
being disposed between the SAN and at least one computer system running an untrusted 
operating system, said SAN Management server being connected to the at least one computer 
system and the SAN Management client, said SAN Management client being further 
connected to the at least one computer system,-aftd 

separating requests issued by the SAN Management server into at least two groups, 
where a first group of requests is issued to the SAN Management client and processed by the 
Fibre Channel adapter and the SAN on behalf of the SAN Management client in place of the 
at least one computer system, and a second group of requests is issued to and processed by 
the at least one computer system without the need to send or receive requests to or from the 
Fibre Channel adapter and the SA N, where the Fibre Channel adapter accepts requests 
relating to crucial information only from the SAN Management client, where the crucial 
information comprises information relating to at least one of a SAN configuration, a SAN 
component, SAN access rights, error messages, statistics or billing information, where the 
operation of separating the requests issued by the SAN Management server is performed by a 
communication module that is distributed over the SAN Management server and the SAN 
Management client. 
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maintaining authorization data for accessing a Remote Access (RA) Server, where 
said authorization data is maintained in at least one of the SAN Management server and the 
SAN Management Client, and 

operating the SAN Management Client as a router for requests from the SAN 
Management server to the RA server, wherein the RA Server comprises a telnet/sshd server, 
where the connection between the SM server, the SM client and RA server is an internet 
protocol (IP) based network . 

22. (Previously Presented) The method according to claim 21, further comprising: 

routing all information contained in unsolicited messages generated in the SAN and 
Fibre Channel adapter to the SAN Management server by the SAN management client. 

23. (Previously Presented) The method according to claim 21, further comprising: 

using Host Bus Adapter_Application Program Interface binding requests to modify a 
firewall interposed between the at least one computer system and the Fibre Channel adapter, 
and operating the communication path from the SAN Management client to the Fibre 
Channel adapter so that it cannot be modified or eavesdropped by the at least one computer 
system. 

24. (Cancelled) 

25. (Previously Presented) The method according to claim 21, further comprising: 

accessing all information relevant for billing individual ones of the at least one 
computer system, where said information is generated in the Fibre Channel adapter and the 
SAN and where said information is accessed only through the SAN Management client. 

26. (Currently Amended) The method according to claim 21, further comprising: 

said SAN Management server providing first authorization data to the SAN 
Management client to execute requests from said first group, and said SAN Management 
server and SAN Management client providing second authorization data to the at least one 
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computer system to execute requests from said second group, and operating the at least one 
computer system so that it is only enabled to execute a limited command set in the SAN. 

27. (Cancelled) 

28. (Cancelled) 

; 

29. (Currently Amended) A computer program product apparatus tangibly storing a computer ! 
readable program, where the computer readable program when, executed on a computer 

causes the computer to perform operations to manage a storage area network (SAN), the 
operations comprising! comprising : 

managing the SAN comprising at least a SAN Management server and a SAN 
Management client, said SAN Management client running a trusted operating system and 
having a communication path to a Fibre Channel adapter, said Fibre Channel adapter being 
disposed between the SAN and at least one computer system running an untrusted operating 
system, said SAN Management server being connected to the at least one computer system 
and the SAN Management client, said SAN Management client being further connected to 
the at least one computer system, and 

separating requests issued by the SAN Management server into at least two groups, 

where a first group of requests is issued to the SAN Management client and processed 
by the Fibre Channel adapter and the SAN on behalf of the SAN Management client in place 
of the at least one computer system, and 

a second group of requests is issued to and processed by the at least one computer 
system without the need to send or receive requests to or from the Fibre Channel adapter and 
the SAN a 

where the Fibre Channel adapter accepts requests relating to crucial information only 
from the SAN Management client, where the crucial information comprises information 
relating to at least one of a SAN configuration, a SAN component SAN access rights, error 
messages, statistics or billing information, where the operation of separating the requests 
issued by the SAN Management server is performed by a communication module that is 
distributed over the SAN Management server and the SAN Management client, further 
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comprising an operation of maintaining authorization data for accessing a Remote Access 
(RA) Server, where said authorization data is maintained in at least one of the SAN 
Management server and the SAN Management Client, further comprising an operation of 
operating the SAN Management Client as a router for requests from the SAN Management 
server to the RA server, wherein the RA Server comprises a telnet/sshd server, where the 
connection between the SM server, the SM client and RA server is an internet protocol (IP) 
based network . 

30. (Previously Presented) The computer program product apparatus as in claim 29, further 
comprising an operation of: 

routing information contained in unsolicited messages generated in at least one of the 
SAN and Fibre Channel adapter to the SAN Management server by the SAN management 
client. 

31. (Previously Presented) The computer program product apparatus as in claim 29, further 
comprising an operation of: 

using Host Bus Adapter_Application Program Interface binding requests to modify a 
firewall interposed between said at least one computer system and said Fibre Channel 
adapter. 

32. (Previously Presented) The computer program product apparatus as in claim 29, further 
comprising an operation of: 

operating the communication path from the SAN Management client to the Fibre 
Channel adapter so that it cannot be accessed by the at least one computer system. 

33. (Previously Presented) The computer program product apparatus as in claim 29, further 
comprising an operation of: 

accessing information relevant for billing individual ones of the at least one computer 
system, where said information is generated in the Fibre Channel adapter and the SAN and 
where said information is accessed only through the SAN Management client. 
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34. (Previously Presented) The computer program product apparatus as in claim 29, further 
comprising an operation of: 

providing authorization data from the SAN Management server to the SAN 
Management client to execute requests from said first group of requests. 

35. (Previously Presented) The computer program product apparatus as in claim 29, further 
comprising an operation of: 

providing authorization data from the SAN Management server and the SAN 
Management client to the at least one computer system to execute requests from said second 
group of requests. 

36. (Previously Presented) The computer program product apparatus as in claim 29, further 
comprising an operation of enabling the at least one computer system to execute a limited 
command set in the SAN. 

37-39. (Canceled) 

40. (Currently Amended) A storage area network (SAN) Management server, comprising: 

a first interface configured to couple to a SAN Management client running a trusted 
operating system, said SAN Management client being further coupled to a SAN via a SAN 
adapter and to at least one computer system running an untrusted operating system; and 

a second interface configured to couple to the least one computer system, said at least 
one computer system being coupled to the SAN via the SAN adapter and via a unit for 
regulating access to the SAN; 

where said SAN Management server comprises logic for distinguishing a first set of 
requests from a second set of requests, where the first set of requests is issued to the SAN 
Management client and processed by the SAN adapter and the SAN on behalf of said SAN 
Management client in place of the at least one computer system, and where the second set of 
requests is issued to and processed at least in part by the at least one computer system without 
the need to send or receive requests to or from the SAN adapter and the SAN^ 
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where the SAN adapter accepts requests relating to crucial information only from the 
SAN Management client, where the crucial information comprises information relating to at 
least one of a SAN configuration, a SAN component SAN access rights, error messages, 
statistics or billing information, where the operation of separating the requests issued by the 
SAN Management server is performed by a communication module that is distributed over 
the SAN Management server and the SAN Management client, where at least one of the SAN 
Management server and the SAN Management Client is operable to maintain authorization 
data for accessing a Remote Access (RA) Server, where the SAN Management Client is 
operated as a router for requests from the SAN Management server to the RA server, wherein 
the RA Server comprises a telnet/sshd server, where the connection between the SM server, 
the SM client and RA server is an internet protocol (IP) based network . 

41. (Previously Presented) The SAN Management server as in claim 40, where said first set 
of requests comprises at least one of a SAN request and a SAN adapter request, and where 
said second set of requests comprises a request for configuration data of the at least one 
computer system. 

42-44. (Cancelled) 

45. (Previously Presented) The computer program product apparatus as in claim 29, where 
the first group of requests comprises authorized SAN access requests and the second group of 
requests comprises operating system configuration requests. 



